admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 00:01:11 +00:00
parent 51659c9c76
commit 094a5477ea
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 3388 additions and 10138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
2012/1xxx/CVE-2012-1119.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1119",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,77 +27,101 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "52313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52313"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "DSA-2500",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2500"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=13816",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=13816"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
"url": "http://secunia.com/advisories/48258",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48258"
},
{
"name": "49572",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49572"
"url": "http://secunia.com/advisories/49572",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49572"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://www.debian.org/security/2012/dsa-2500",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2500"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
},
{
"name": "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.securityfocus.com/bid/52313",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52313"
},
{
"name": "48258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48258"
"url": "http://www.mantisbt.org/bugs/view.php?id=13816",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=13816"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/dea7e315f3fc96dfa995e56e8810845fc07a47aa",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/dea7e315f3fc96dfa995e56e8810845fc07a47aa"
"url": "https://github.com/mantisbt/mantisbt/commit/cf5df427f17cf9204645f83e000665780eb9afe6",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/cf5df427f17cf9204645f83e000665780eb9afe6"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/cf5df427f17cf9204645f83e000665780eb9afe6",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/cf5df427f17cf9204645f83e000665780eb9afe6"
"url": "https://github.com/mantisbt/mantisbt/commit/dea7e315f3fc96dfa995e56e8810845fc07a47aa",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/dea7e315f3fc96dfa995e56e8810845fc07a47aa"
}
]
}

133
2012/1xxx/CVE-2012-1123.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1123",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "52313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52313"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "DSA-2500",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2500"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/f5106be52cf6aa72c521f388e4abb5f0de1f1d7f",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/f5106be52cf6aa72c521f388e4abb5f0de1f1d7f"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=13901",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=13901"
"url": "http://secunia.com/advisories/48258",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48258"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
"url": "http://secunia.com/advisories/49572",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49572"
},
{
"name": "49572",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49572"
"url": "http://www.debian.org/security/2012/dsa-2500",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2500"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
},
{
"name": "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
"url": "http://www.securityfocus.com/bid/52313",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52313"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.mantisbt.org/bugs/view.php?id=13901",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=13901"
},
{
"name": "48258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48258"
"url": "https://github.com/mantisbt/mantisbt/commit/f5106be52cf6aa72c521f388e4abb5f0de1f1d7f",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/f5106be52cf6aa72c521f388e4abb5f0de1f1d7f"
}
]
}

181
2012/1xxx/CVE-2012-1129.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1129",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,112 +27,136 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "48797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48797"
"url": "http://secunia.com/advisories/48951",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48951"
},
{
"name": "48508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48508"
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48822"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "MDVSA-2012:057",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"url": "http://secunia.com/advisories/48508",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48508"
},
{
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
"url": "http://secunia.com/advisories/48822",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48822"
},
{
"name": "52318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52318"
"url": "http://secunia.com/advisories/48973",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48973"
},
{
"name": "USN-1403-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
"url": "http://support.apple.com/kb/HT5503",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5503"
},
{
"name": "48918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48918"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0484",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0521",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
"url": "http://www.securityfocus.com/bid/52318",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52318"
},
{
"name": "48973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48973"
"url": "http://www.securitytracker.com/id?1026765",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026765"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
"url": "http://www.ubuntu.com/usn/USN-1403-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"name": "SUSE-SU-2012:0483",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800585",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026765"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "openSUSE-SU-2012:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
"url": "http://secunia.com/advisories/48797",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48797"
},
{
"name": "48951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48951"
"url": "http://secunia.com/advisories/48918",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"name": "GLSA-201204-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
}
]
}

193
2012/1xxx/CVE-2012-1133.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1133",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,122 +27,146 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "48797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48797"
"url": "http://secunia.com/advisories/48951",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48951"
},
{
"name": "48300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48300"
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48508"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48822"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "MDVSA-2012:057",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
"url": "http://secunia.com/advisories/48508",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48508"
},
{
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"url": "http://secunia.com/advisories/48822",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48822"
},
{
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
"url": "http://secunia.com/advisories/48973",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48973"
},
{
"name": "52318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52318"
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "USN-1403-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
"url": "http://support.apple.com/kb/HT5503",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5503"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "48918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48918"
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
"url": "http://www.securityfocus.com/bid/52318",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52318"
},
{
"name": "SUSE-SU-2012:0521",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
"url": "http://www.securitytracker.com/id?1026765",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026765"
},
{
"name": "48973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48973"
"url": "http://www.ubuntu.com/usn/USN-1403-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "SUSE-SU-2012:0483",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800591",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "1026765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026765"
"url": "http://secunia.com/advisories/48797",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48797"
},
{
"name": "openSUSE-SU-2012:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
"url": "http://secunia.com/advisories/48918",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"name": "48951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48951"
"url": "http://secunia.com/advisories/48300",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48300"
},
{
"name": "GLSA-201204-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
"url": "http://www.debian.org/security/2012/dsa-2428",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2428"
},
{
"name": "DSA-2428",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2428"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
}
]
}

59
2012/1xxx/CVE-2012-1139.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1139 freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)"
"value": "Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,46 +163,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1139",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1139"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800598"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

59
2012/1xxx/CVE-2012-1143.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1143 freetype: integer divide by zero in FT_DivFix() (#35660)"
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Divide By Zero",
"cweId": "CWE-369"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,46 +163,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1143",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1143"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800606"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

64
2012/1xxx/CVE-2012-1149.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1149 openoffice.org, libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations"
"value": "Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:3.1.1-19.10.el5_8.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:3.2.1-19.6.el6_2.7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,51 +163,11 @@
"refsource": "MISC",
"name": "http://www.osvdb.org/81988"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0705",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0705"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1149",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1149"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821726",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=821726"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

114
2012/1xxx/CVE-2012-1159.json
View File

@ -1,38 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1159",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_value": "2.2 to 2.2.1+"
},
{
"version_value": "2.1 to 2.1.4+"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,32 +27,45 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.2 to 2.2.1+"
},
{
"version_affected": "=",
"version_value": "2.1 to 2.1.4+"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1159",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1159"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-1159",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-1159"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html",
@ -86,19 +73,34 @@
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"refsource": "CONFIRM",
"name": "https://moodle.org/mod/forum/discuss.php?d=198628",
"url": "https://moodle.org/mod/forum/discuss.php?d=198628"
"url": "https://access.redhat.com/security/cve/cve-2012-1159",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-1159"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=198628",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=198628"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1159",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1159"
}
]
}

103
2012/1xxx/CVE-2012-1169.json
View File

@ -1,41 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1169",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_value": "2.2 to 2.2.1+"
},
{
"version_value": "2.1 to 2.1.4+"
},
{
"version_value": "2.0 to 2.0.7+"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -56,32 +27,64 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.2 to 2.2.1+"
},
{
"version_affected": "=",
"version_value": "2.1 to 2.1.4+"
},
{
"version_affected": "=",
"version_value": "2.0 to 2.0.7+"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1169",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1169"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-1169",
@ -89,19 +92,19 @@
"name": "https://access.redhat.com/security/cve/cve-2012-1169"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1169"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=198625",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
"name": "https://moodle.org/mod/forum/discuss.php?d=198625"
},
{
"refsource": "CONFIRM",
"name": "https://moodle.org/mod/forum/discuss.php?d=198625",
"url": "https://moodle.org/mod/forum/discuss.php?d=198625"
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1169",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1169"
}
]
}

64
2012/1xxx/CVE-2012-1173.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1173 libtiff: Heap-buffer overflow due to TileSize calculation when parsing tiff files"
"value": "Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-14.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-5.el6_2",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -185,21 +173,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026895"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0468",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0468"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1173",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1173"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803078",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=803078"
},
{
"url": "https://downloads.avaya.com/css/P8/documents/100161772",
"refsource": "MISC",
@ -216,30 +189,5 @@
"name": "https://hermes.opensuse.org/messages/14302713"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

121
2012/1xxx/CVE-2012-1179.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1179",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
},
{
"name": "SUSE-SU-2012:0554",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
},
{
"name": "1027084",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027084"
"url": "http://secunia.com/advisories/48898",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48898"
},
{
"name": "48898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48898"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1"
},
{
"name": "[oss-security] 20120315 CVE-2012-1179 kernel: thp: __split_huge_page() mapcount != page_mapcount BUG_ON()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/15/7"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name": "https://github.com/torvalds/linux/commit/4a1d704194a441bf83c636004a479e01360ec850",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/4a1d704194a441bf83c636004a479e01360ec850"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=803793",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803793"
"url": "http://secunia.com/advisories/48404",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48404"
},
{
"name": "48404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48404"
"url": "http://www.openwall.com/lists/oss-security/2012/03/15/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/15/7"
},
{
"name": "FEDORA-2012-3712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html"
"url": "http://www.securitytracker.com/id?1027084",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027084"
},
{
"name": "HPSBGN02970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
"url": "https://github.com/torvalds/linux/commit/4a1d704194a441bf83c636004a479e01360ec850",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/4a1d704194a441bf83c636004a479e01360ec850"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803793",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=803793"
}
]
}

133
2012/1xxx/CVE-2012-1183.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1183",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2460",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2460"
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0069.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0069.html"
},
{
"name": "[oss-security] 20120316 Re: CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/17"
"url": "http://downloads.asterisk.org/pub/security/AST-2012-002-1.8.diff",
"refsource": "MISC",
"name": "http://downloads.asterisk.org/pub/security/AST-2012-002-1.8.diff"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-002.pdf",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-002.pdf"
"url": "http://downloads.asterisk.org/pub/security/AST-2012-002.pdf",
"refsource": "MISC",
"name": "http://downloads.asterisk.org/pub/security/AST-2012-002.pdf"
},
{
"name": "20120315 AST-2012-002: Remote Crash Vulnerability in Milliwatt Application",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0069.html"
"url": "http://osvdb.org/80125",
"refsource": "MISC",
"name": "http://osvdb.org/80125"
},
{
"name": "80125",
"refsource": "OSVDB",
"url": "http://osvdb.org/80125"
"url": "http://secunia.com/advisories/48417",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48417"
},
{
"name": "52523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52523"
"url": "http://secunia.com/advisories/48941",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48941"
},
{
"name": "48941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48941"
"url": "http://securitytracker.com/id?1026812",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1026812"
},
{
"name": "http://www.asterisk.org/node/51797",
"refsource": "CONFIRM",
"url": "http://www.asterisk.org/node/51797"
"url": "http://www.asterisk.org/node/51797",
"refsource": "MISC",
"name": "http://www.asterisk.org/node/51797"
},
{
"name": "48417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48417"
"url": "http://www.debian.org/security/2012/dsa-2460",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "asterisk-milliwattgenerate-dos(74082)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74082"
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/16/10"
},
{
"name": "[oss-security] 20120316 CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/10"
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/17",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/16/17"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-002-1.8.diff",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-002-1.8.diff"
"url": "http://www.securityfocus.com/bid/52523",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52523"
},
{
"name": "1026812",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026812"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74082",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74082"
}
]
}

97
2012/1xxx/CVE-2012-1579.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1579",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120323 CVEs for MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/24/1"
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html",
"refsource": "MISC",
"name": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html"
},
{
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=34907",
"refsource": "CONFIRM",
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=34907"
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html",
"refsource": "MISC",
"name": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html"
},
{
"name": "[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html"
"url": "http://secunia.com/advisories/48504",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48504"
},
{
"name": "48504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48504"
"url": "http://www.openwall.com/lists/oss-security/2012/03/22/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/22/9"
},
{
"name": "[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.17.3",
"refsource": "MLIST",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html"
"url": "http://www.openwall.com/lists/oss-security/2012/03/24/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/24/1"
},
{
"name": "[oss-security] 20120322 MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/22/9"
"url": "http://www.securityfocus.com/bid/52689",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52689"
},
{
"name": "52689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52689"
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=34907",
"refsource": "MISC",
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=34907"
}
]
}

68
2012/1xxx/CVE-2012-1583.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1583 kernel: ipv6: panic using raw sockets"
"value": "Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-308.4.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.39.1.el5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -101,54 +89,14 @@
"name": "http://www.securitytracker.com/id?1026930"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0480",
"url": "https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0480"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0720",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0720"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1583",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1583"
"name": "https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752304",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=752304"
},
{
"url": "https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

133
2012/1xxx/CVE-2012-1593.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1593",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "18758",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18758"
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962",
"refsource": "MISC",
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962"
},
{
"name": "48986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48986"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2012-04.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2012-04.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html"
},
{
"name": "[oss-security] 20120328 Re: CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/13"
"url": "http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823"
"url": "http://secunia.com/advisories/48548",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48548"
},
{
"name": "openSUSE-SU-2012:0558",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html"
"url": "http://secunia.com/advisories/48986",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48986"
},
{
"name": "FEDORA-2012-5243",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html"
"url": "http://www.exploit-db.com/exploits/18758",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18758"
},
{
"name": "48548",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48548"
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/13"
},
{
"name": "FEDORA-2012-5256",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html"
"url": "http://www.securitytracker.com/id?1026874",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026874"
},
{
"name": "oval:org.mitre.oval:def:14991",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14991"
"url": "http://www.wireshark.org/security/wnpa-sec-2012-04.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2012-04.html"
},
{
"name": "1026874",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026874"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74361",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74361"
},
{
"name": "wireshark-ansia-dos(74361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74361"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14991",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14991"
}
]
}

103
2012/2xxx/CVE-2012-2089.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2089",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "nginx-ngxhttpmp4module-bo(74831)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74831"
"url": "http://nginx.org/en/security_advisories.html",
"refsource": "MISC",
"name": "http://nginx.org/en/security_advisories.html"
},
{
"name": "1026924",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026924"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html"
},
{
"name": "FEDORA-2012-6371",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html"
},
{
"name": "FEDORA-2012-6411",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html"
},
{
"name": "http://nginx.org/en/security_advisories.html",
"refsource": "CONFIRM",
"url": "http://nginx.org/en/security_advisories.html"
"url": "http://www.openwall.com/lists/oss-security/2012/04/12/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/12/9"
},
{
"name": "52999",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52999"
"url": "http://www.securityfocus.com/bid/52999",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52999"
},
{
"name": "[oss-security] 20120412 nginx security advisory: mp4 module vulnerability, CVE-2012-2089",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/12/9"
"url": "http://www.securitytracker.com/id?1026924",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026924"
},
{
"name": "FEDORA-2012-6238",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74831",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74831"
}
]
}

127
2012/2xxx/CVE-2012-2093.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2093",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120410 gajim insecure file creation when using latex",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/6"
"url": "http://secunia.com/advisories/48794",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48794"
},
{
"name": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4",
"refsource": "CONFIRM",
"url": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4"
"url": "http://security.gentoo.org/glsa/glsa-201208-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201208-04.xml"
},
{
"name": "FEDORA-2012-6061",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html"
"url": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4",
"refsource": "MISC",
"name": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4"
},
{
"name": "53017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53017"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html"
},
{
"name": "48794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48794"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html"
},
{
"name": "https://trac.gajim.org/changeset/13759/src/common/latex.py",
"refsource": "CONFIRM",
"url": "https://trac.gajim.org/changeset/13759/src/common/latex.py"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html"
},
{
"name": "GLSA-201208-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201208-04.xml"
"url": "http://secunia.com/advisories/48695",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48695"
},
{
"name": "gajim-gettmpfilename-symlink(74869)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74869"
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/15",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/10/15"
},
{
"name": "48695",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48695"
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/10/6"
},
{
"name": "FEDORA-2012-6161",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html"
"url": "http://www.securityfocus.com/bid/53017",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53017"
},
{
"name": "[oss-security] 20120410 RE: gajim insecure file creation when using latex",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/15"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74869",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74869"
},
{
"name": "FEDORA-2012-6001",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html"
"url": "https://trac.gajim.org/changeset/13759/src/common/latex.py",
"refsource": "MISC",
"name": "https://trac.gajim.org/changeset/13759/src/common/latex.py"
}
]
}

133
2012/2xxx/CVE-2012-2103.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2103",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1622-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1622-1"
},
{
"name": "munin-unspec-symlink(74884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74884"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668778",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668778",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668778"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668778"
},
{
"name": "51218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51218"
},
{
"name": "[oss-security] 20120416 Re: CVE Request (minor) -- Two Munin graphing framework flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/16/6"
},
{
"name": "[oss-security] 20120416 CVE Request (minor) -- Two Munin graphing framework flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/16/5"
},
{
"name": "48859",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48859"
},
{
"name": "53031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53031"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=812889",
"url": "http://secunia.com/advisories/48859",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=812889"
"name": "http://secunia.com/advisories/48859"
},
{
"url": "http://secunia.com/advisories/51218",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51218"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/16/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/16/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/16/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/16/6"
},
{
"url": "http://www.securityfocus.com/bid/53031",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53031"
},
{
"url": "http://www.ubuntu.com/usn/USN-1622-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1622-1"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74884",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74884"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=812889",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=812889"
}
]
}

63
2012/2xxx/CVE-2012-2113.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-2113 libtiff: integer overflow in tiff2pdf leading to heap-buffer overflow when reading a tiled tiff file"
"value": "Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-15.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-6.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,49 +104,14 @@
"name": "http://www.securityfocus.com/bid/54076"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1054",
"url": "https://hermes.opensuse.org/messages/15083566",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1054"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2113",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2113"
"name": "https://hermes.opensuse.org/messages/15083566"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810551",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=810551"
},
{
"url": "https://hermes.opensuse.org/messages/15083566",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/15083566"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

115
2012/2xxx/CVE-2012-2119.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2119",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"
"url": "http://ubuntu.com/usn/usn-1529-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1529-1"
},
{
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"
},
{
"name": "https://github.com/torvalds/linux/commit/b92946e2919134ebe2a4083e4302236295ea2a73",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/b92946e2919134ebe2a4083e4302236295ea2a73"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b92946e2919134ebe2a4083e4302236295ea2a73",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b92946e2919134ebe2a4083e4302236295ea2a73"
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278",
"refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b92946e2919134ebe2a4083e4302236295ea2a73",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b92946e2919134ebe2a4083e4302236295ea2a73"
},
{
"name": "[linux-netdev] 20120416 [PATCH 3/6] macvtap: zerocopy: validate vector length before pinning user pages",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev&m=133455718001608&w=2"
"url": "http://marc.info/?l=linux-netdev&m=133455718001608&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-netdev&m=133455718001608&w=2"
},
{
"name": "USN-1529-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1529-1"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/19/14"
},
{
"name": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=4aae94d1c7b32316911c86176c0ed4f8ed62da73",
"refsource": "CONFIRM",
"url": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=4aae94d1c7b32316911c86176c0ed4f8ed62da73"
"url": "https://github.com/torvalds/linux/commit/b92946e2919134ebe2a4083e4302236295ea2a73",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/b92946e2919134ebe2a4083e4302236295ea2a73"
},
{
"name": "[oss-security] 20120419 Re: CVE request -- kernel: macvtap: zerocopy: vector length is not validated before pinning user pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/14"
"url": "https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=4aae94d1c7b32316911c86176c0ed4f8ed62da73",
"refsource": "MISC",
"name": "https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=4aae94d1c7b32316911c86176c0ed4f8ed62da73"
}
]
}

121
2012/2xxx/CVE-2012-2123.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2123",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0670.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0670.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3"
"url": "http://www.debian.org/security/2012/dsa-2469",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2469"
},
{
"name": "RHSA-2012:0670",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0670.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name": "[oss-security] 20120419 Re: CVE request: kernel: fcaps: clear the same personality flags as suid when fcaps are used",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/20/6"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d52fc5dde171f030170a6cb78034d166b13c9445",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d52fc5dde171f030170a6cb78034d166b13c9445"
},
{
"name": "DSA-2469",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2469"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3"
},
{
"name": "53166",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53166"
"url": "http://www.openwall.com/lists/oss-security/2012/04/20/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/20/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=806722",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806722"
"url": "http://www.securityfocus.com/bid/53166",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53166"
},
{
"name": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445"
"url": "http://www.securitytracker.com/id?1027072",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027072"
},
{
"name": "1027072",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027072"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75043",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75043"
},
{
"name": "linux-kernel-fcaps-sec-bypass(75043)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75043"
"url": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d52fc5dde171f030170a6cb78034d166b13c9445",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d52fc5dde171f030170a6cb78034d166b13c9445"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806722",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=806722"
}
]
}

139
2012/2xxx/CVE-2012-2129.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2129",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120422 Re: CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/23/1"
},
{
"name": "53041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53041"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=412891",
"url": "http://ircrash.com/uploads/dokuwiki.txt",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=412891"
"name": "http://ircrash.com/uploads/dokuwiki.txt"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=815122",
"url": "http://seclists.org/bugtraq/2012/Apr/121",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815122"
"name": "http://seclists.org/bugtraq/2012/Apr/121"
},
{
"name": "20120417 DokuWiki Ver.2012/01/25 CSRF Add User Exploit",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Apr/121"
},
{
"name": "https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26",
"refsource": "CONFIRM",
"url": "https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26"
},
{
"name": "dokuwiki-doku-xss(74907)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74907"
},
{
"name": "[oss-security] 20120422 CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/22/4"
},
{
"name": "http://ircrash.com/uploads/dokuwiki.txt",
"url": "http://secunia.com/advisories/48848",
"refsource": "MISC",
"url": "http://ircrash.com/uploads/dokuwiki.txt"
"name": "http://secunia.com/advisories/48848"
},
{
"name": "48848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48848"
"url": "http://www.openwall.com/lists/oss-security/2012/04/22/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/22/4"
},
{
"name": "http://bugs.dokuwiki.org/index.php?do=details&task_id=2487",
"refsource": "CONFIRM",
"url": "http://bugs.dokuwiki.org/index.php?do=details&task_id=2487"
"url": "http://www.openwall.com/lists/oss-security/2012/04/23/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/23/1"
},
{
"url": "http://www.securityfocus.com/bid/53041",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53041"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74907",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74907"
},
{
"url": "http://bugs.dokuwiki.org/index.php?do=details&task_id=2487",
"refsource": "MISC",
"name": "http://bugs.dokuwiki.org/index.php?do=details&task_id=2487"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=412891",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=412891"
},
{
"url": "https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26",
"refsource": "MISC",
"name": "https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815122",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=815122"
}
]
}

88
2012/2xxx/CVE-2012-2133.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-2133 kernel: use after free bug in \"quota\" handling"
"value": "Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.14.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.34.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.2.33-rt50.66.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -86,16 +63,6 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2469"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1491",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1491"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1426",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1426"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6",
"refsource": "MISC",
@ -116,21 +83,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53233"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0741",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0741"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2133",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2133"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=817430",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=817430"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75168",
"refsource": "MISC",
@ -140,31 +92,11 @@
"url": "https://github.com/torvalds/linux/commit/90481622d75715bfcb68501280a917dbfe516029",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/90481622d75715bfcb68501280a917dbfe516029"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=817430",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=817430"
}
]
}

141
2012/2xxx/CVE-2012-2149.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2149",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow."
"value": "The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow."
}
]
},
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60799"
},
{
"name": "GLSA-201408-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "1027069",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027069"
},
{
"name": "RHSA-2012:1043",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1043.html"
},
{
"name": "https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt",
"url": "http://secunia.com/advisories/60799",
"refsource": "MISC",
"url": "https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt"
"name": "http://secunia.com/advisories/60799"
},
{
"name": "20120516 CVE-2012-2149 OpenOffice.org memory overwrite vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html"
},
{
"name": "53570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53570"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2012-2149.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2012-2149.html"
},
{
"name": "http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html"
"name": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "46992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46992"
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html"
},
{
"url": "http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1043.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1043.html"
},
{
"url": "http://secunia.com/advisories/46992",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46992"
},
{
"url": "http://www.openoffice.org/security/cves/CVE-2012-2149.html",
"refsource": "MISC",
"name": "http://www.openoffice.org/security/cves/CVE-2012-2149.html"
},
{
"url": "http://www.securityfocus.com/bid/53570",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53570"
},
{
"url": "http://www.securitytracker.com/id?1027069",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027069"
},
{
"url": "https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt",
"refsource": "MISC",
"name": "https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt"
}
]
}

127
2012/2xxx/CVE-2012-2313.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2313",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120504 Re: CVE Request: more tight ioctl permissions in dl2k driver",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/04/8"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7"
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
},
{
"name": "RHSA-2012:1174",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1174.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75"
},
{
"name": "53965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53965"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1174.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1174.html"
},
{
"name": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1481.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1481.html"
},
{
"name": "RHSA-2012:1541",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1541.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1541.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1541.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1bb57e940e1958e40d51f2078f50c3a96a9b2d75",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1bb57e940e1958e40d51f2078f50c3a96a9b2d75"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1589.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1589.html"
},
{
"name": "RHSA-2012:1481",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1481.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=818820",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818820"
"url": "http://www.openwall.com/lists/oss-security/2012/05/04/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/04/8"
},
{
"name": "RHSA-2012:1589",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1589.html"
"url": "http://www.securityfocus.com/bid/53965",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53965"
},
{
"name": "HPSBGN02970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
"url": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818820",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=818820"
}
]
}

113
2013/0xxx/CVE-2013-0156.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack"
"value": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data",
"cweId": "CWE-502"
"value": "n/a"
}
]
}
@ -32,66 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:3.0.10-11.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-8.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-5.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Subscription Asset Manager 1.1",
"version": {
"version_data": [
{
"version_value": "1:3.0.10-11.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-8.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-5.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEL 6 Version of OpenShift Enterprise",
"version": {
"version_data": [
{
"version_value": "1:3.2.8-2.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-3.el6",
"version_affected": "!"
},
{
"version_value": "1:3.0.13-2.1.el6op",
"version_affected": "!"
},
{
"version_value": "1:3.0.13-2.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -159,31 +108,6 @@
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/628463"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0153",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0153"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0154",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0154"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0155",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0155"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0156",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0156"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892870",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=892870"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156",
"refsource": "MISC",
@ -200,30 +124,5 @@
"name": "https://puppet.com/security/cve/cve-2013-0156"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

44
2013/0xxx/CVE-2013-0165.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0165 OpenShift mongodb cartridge: info/bin/dump.sh /tmp file creation"
"value": "cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insecure Temporary File",
"cweId": "CWE-377"
"value": "Other"
}
]
}
@ -40,8 +39,8 @@
"version": {
"version_data": [
{
"version_value": "before 3b74dd3d162a9a3b63a7ac4e1eaccea6b889e186",
"version_affected": "="
"version_affected": "=",
"version_value": "before 3b74dd3d162a9a3b63a7ac4e1eaccea6b889e186"
}
]
}
@ -54,46 +53,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0165",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0165"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892912",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=892912"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0165",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0165"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

99
2013/0xxx/CVE-2013-0175.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0175",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/sferik/multi_xml/pull/34",
"refsource": "CONFIRM",
"url": "https://github.com/sferik/multi_xml/pull/34"
},
{
"name": "https://gist.github.com/nate/d7f6d9f4925f413621aa",
"refsource": "CONFIRM",
"url": "https://gist.github.com/nate/d7f6d9f4925f413621aa"
},
{
"name": "[oss-security] 20130111 Re: CVE request for multi_xml ruby gem (has same problem as CVE-2013-0156)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/01/11/9"
},
{
"name": "https://groups.google.com/forum/?fromgroups=#!topic/ruby-grape/fthDkMgIOa0",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/?fromgroups=#!topic/ruby-grape/fthDkMgIOa0"
},
{
"name": "https://news.ycombinator.com/item?id=5040457",
"url": "http://www.openwall.com/lists/oss-security/2013/01/11/9",
"refsource": "MISC",
"url": "https://news.ycombinator.com/item?id=5040457"
"name": "http://www.openwall.com/lists/oss-security/2013/01/11/9"
},
{
"url": "https://gist.github.com/nate/d7f6d9f4925f413621aa",
"refsource": "MISC",
"name": "https://gist.github.com/nate/d7f6d9f4925f413621aa"
},
{
"url": "https://github.com/sferik/multi_xml/pull/34",
"refsource": "MISC",
"name": "https://github.com/sferik/multi_xml/pull/34"
},
{
"url": "https://groups.google.com/forum/?fromgroups=#%21topic/ruby-grape/fthDkMgIOa0",
"refsource": "MISC",
"name": "https://groups.google.com/forum/?fromgroups=#%21topic/ruby-grape/fthDkMgIOa0"
},
{
"url": "https://news.ycombinator.com/item?id=5040457",
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=5040457"
}
]
}

91
2013/0xxx/CVE-2013-0176.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0176",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-1407",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.html"
},
{
"name": "libssh-publickeyfromprivatekey-dos(81595)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81595"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.html"
},
{
"name": "51982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51982"
"url": "http://secunia.com/advisories/51982",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51982"
},
{
"name": "FEDORA-2013-1422",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.html"
"url": "http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/",
"refsource": "MISC",
"name": "http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/"
},
{
"name": "USN-1707-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1707-1"
"url": "http://www.ubuntu.com/usn/USN-1707-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1707-1"
},
{
"name": "http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/",
"refsource": "CONFIRM",
"url": "http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81595",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81595"
}
]
}

732
2013/0xxx/CVE-2013-0185.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0185 ManageIQ EVM: CSRF"
"value": "Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
"value": "n/a"
}
]
}
@ -32,700 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.0.37-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.12-11.el6cf",
"version_affected": "!"
},
{
"version_value": "0:B.02.16-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0P1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.3-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1-12.el6",
"version_affected": "!"
},
{
"version_value": "0:9.2.4-7.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1-11.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.9.3.448-38.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.1.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.9.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.6.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.5-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.29-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.9-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.7.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.25.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.14.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.19-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:6.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.20.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.7-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.20110317223538-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.7-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.5-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.6.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.21-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.3-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.20.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.4.5-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.2-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.13.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:10.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.8.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.17-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.12.2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.7-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.13.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.10-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.9.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.19-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.20-3.el6",
"version_affected": "!"
},
{
"version_value": "0:2.32.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.4-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-0.6.beta5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.18.1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.10-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.16.2-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.33-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.1.3-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.12-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.14.5.10-1.1.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -738,46 +53,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHEA-2013:1487",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHEA-2013:1487"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0185",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0185"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895345",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=895345"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

108
2013/0xxx/CVE-2013-0186.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0186 ManageIQ EVM: Stored XSS"
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "Cross-Site Scripting"
}
]
}
@ -31,53 +30,35 @@
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ManageIQ EVM",
"product": {
"product_data": [
{
"product_name": "ManageIQ EVM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "Red Hat CloudForms 3.0",
"version": {
"version_data": [
{
"version_value": "0:5.2.2.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.3.448-40.1.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.31.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.19.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-3.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "Red Hat CloudForms 3.0 Management Engine 5.2"
}
]
}
@ -90,50 +71,15 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0215",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0215"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0186",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0186"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895346",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=895346"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0186",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0186"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
"url": "https://access.redhat.com/errata/RHSA-2014:0215",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0215"
}
]
}

401
2013/0xxx/CVE-2013-0196.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0196 OpenShift Enterprise and Online vulnerable to CSRF attack with REST API"
"value": "A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
"value": "Cross-Site Request Forgery "
}
]
}
@ -32,364 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "OpenShift",
"product": {
"product_data": [
{
"product_name": "RHEL 6 Version of OpenShift Enterprise 1.2",
"product_name": "OpenShift Enterprise",
"version": {
"version_data": [
{
"version_value": "0:5.6.0-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:4.04-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.2.1-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-9.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.7-1.2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.19-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7.2-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1-8.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.9.3.429-34.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-1.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-5.el6",
"version_affected": "!"
},
{
"version_value": "0:3.2.8-2.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-6.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-4.el6",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.1.4-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.6-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.2.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.2.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.53-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.7.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.2.4-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.2.8.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.1.7-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.4-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.0.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.4.4-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.19-1.el6",
"version_affected": "!"
},
{
"version_value": "0:3.5.0-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.21-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.2-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.7-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.2-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.17-11.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.3-2.el6",
"version_affected": "!"
},
{
"version_value": "1:1.4.1-5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.2-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-3.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.8-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.8-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.7-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.9.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.1.20-2.el6",
"version_affected": "!"
},
{
"version_value": "0:3.2.5-2.el6",
"version_affected": "!"
},
{
"version_value": "0:3.2.0-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.8-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.5.2-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-0.5.beta5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.15.4-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-8.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.10-6.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.33-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.6-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.12-10.el6op",
"version_affected": "!"
},
{
"version_value": "1:3.14.5.8-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.11-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.14-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.14-1.2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.9-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.16-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.30-14.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "1.2"
}
]
}
@ -402,56 +53,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHEA-2013:1031",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHEA-2013:1031"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0196",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0196"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-0196",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2013-0196"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=901364",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=901364"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

85
2013/0xxx/CVE-2013-0215.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0215",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=40f9c5e0a6d15b4ca1f6d4ed3a46f0871520eab5",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=40f9c5e0a6d15b4ca1f6d4ed3a46f0871520eab5"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://openwall.com/lists/oss-security/2013/02/05/10",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2013/02/05/10"
},
{
"name": "[oss-security] 20130205 Xen Security Advisory 38 (CVE-2013-0215) - oxenstored incorrect handling of certain Xenbus ring states",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/02/05/10"
"url": "http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=40f9c5e0a6d15b4ca1f6d4ed3a46f0871520eab5",
"refsource": "MISC",
"name": "http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=40f9c5e0a6d15b4ca1f6d4ed3a46f0871520eab5"
},
{
"name": "http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=61401264eb00fae4ee4efc8e9a5067449283207b",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=61401264eb00fae4ee4efc8e9a5067449283207b"
"url": "http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=61401264eb00fae4ee4efc8e9a5067449283207b",
"refsource": "MISC",
"name": "http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=61401264eb00fae4ee4efc8e9a5067449283207b"
}
]
}

109
2013/0xxx/CVE-2013-0216.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0216",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2013:176",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=910883",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910883"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
},
{
"name": "https://github.com/torvalds/linux/commit/48856286b64e4b66ec62b94e504d0b29c1ade664",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/48856286b64e4b66ec62b94e504d0b29c1ade664"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html"
},
{
"name": "openSUSE-SU-2013:0395",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=48856286b64e4b66ec62b94e504d0b29c1ade664",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=48856286b64e4b66ec62b94e504d0b29c1ade664"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664"
},
{
"name": "SUSE-SU-2013:0674",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8"
"url": "http://www.openwall.com/lists/oss-security/2013/02/05/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/05/12"
},
{
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
"url": "https://github.com/torvalds/linux/commit/48856286b64e4b66ec62b94e504d0b29c1ade664",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/48856286b64e4b66ec62b94e504d0b29c1ade664"
},
{
"name": "[oss-security] 20130205 Xen Security Advisory 39 (CVE-2013-0216,CVE-2013-0217) - Linux netback DoS via malicious guest ring.",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/05/12"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910883",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=910883"
}
]
}

163
2014/0xxx/CVE-2014-0062.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0062",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,97 +27,121 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name": "RHSA-2014:0221",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://support.apple.com/kb/HT6448",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6448"
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "RHSA-2014:0469",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
},
{
"name": "APPLE-SA-2014-10-16-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
},
{
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "CONFIRM",
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
},
{
"name": "DSA-2864",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2864"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
},
{
"name": "RHSA-2014:0249",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
},
{
"name": "65727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65727"
"url": "http://secunia.com/advisories/61307",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61307"
},
{
"name": "http://www.postgresql.org/about/news/1506/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1506/"
"url": "http://support.apple.com/kb/HT6448",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT6448"
},
{
"name": "USN-2120-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2120-1"
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "MISC",
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
"url": "http://www.debian.org/security/2014/dsa-2864",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2864"
},
{
"name": "DSA-2865",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2865"
"url": "http://www.debian.org/security/2014/dsa-2865",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2865"
},
{
"name": "openSUSE-SU-2014:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
"url": "http://www.postgresql.org/about/news/1506/",
"refsource": "MISC",
"name": "http://www.postgresql.org/about/news/1506/"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"url": "http://www.ubuntu.com/usn/USN-2120-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2120-1"
},
{
"name": "openSUSE-SU-2014:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
"url": "https://support.apple.com/kb/HT6536",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT6536"
},
{
"name": "61307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61307"
"url": "http://www.securityfocus.com/bid/65727",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65727"
}
]
}

1324
2014/0xxx/CVE-2014-0090.json
View File

File diff suppressed because it is too large Load Diff

75
2014/0xxx/CVE-2014-0100.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0100",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140304 CVE-2014-0100 -- Linux kernel: net: inet frag code race condition leading to user-after-free",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/4"
},
{
"name": "http://patchwork.ozlabs.org/patch/325844/",
"url": "http://patchwork.ozlabs.org/patch/325844/",
"refsource": "MISC",
"url": "http://patchwork.ozlabs.org/patch/325844/"
"name": "http://patchwork.ozlabs.org/patch/325844/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1070618",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070618"
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/04/4"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070618",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1070618"
}
]
}

81
2014/0xxx/CVE-2014-0102.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0102",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140304 CVE-2014-0102 -- Linux kernel: security: keyring cycle detector DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/21"
},
{
"name": "http://www.kernelhub.org/?msg=425013&p=2",
"url": "http://lkml.org/lkml/2014/2/27/507",
"refsource": "MISC",
"url": "http://www.kernelhub.org/?msg=425013&p=2"
"name": "http://lkml.org/lkml/2014/2/27/507"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072419",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072419"
"url": "http://www.kernelhub.org/?msg=425013&p=2",
"refsource": "MISC",
"name": "http://www.kernelhub.org/?msg=425013&p=2"
},
{
"name": "[linux-kernel] 20140227 kernel BUG at security/keys/keyring.c:1003!",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2014/2/27/507"
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/21",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/04/21"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072419",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072419"
}
]
}

71
2014/0xxx/CVE-2014-0120.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0120",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf",
"url": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf",
"refsource": "MISC",
"url": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf"
"name": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf"
},
{
"name": "https://github.com/hawtio/hawtio/commit/b4e23e002639c274a2f687ada980118512f06113",
"refsource": "CONFIRM",
"url": "https://github.com/hawtio/hawtio/commit/b4e23e002639c274a2f687ada980118512f06113"
"url": "https://github.com/hawtio/hawtio/commit/b4e23e002639c274a2f687ada980118512f06113",
"refsource": "MISC",
"name": "https://github.com/hawtio/hawtio/commit/b4e23e002639c274a2f687ada980118512f06113"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072681",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072681"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072681",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072681"
}
]
}

73
2014/0xxx/CVE-2014-0122.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0122",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=256418",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=256418"
"url": "http://openwall.com/lists/oss-security/2014/03/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/03/17/1"
},
{
"name": "[oss-security] 20140317 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/03/17/1"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082"
"url": "https://moodle.org/mod/forum/discuss.php?d=256418",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=256418"
}
]
}

117
2014/0xxx/CVE-2014-0130.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request."
"value": "Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
"value": "n/a"
}
]
}
@ -32,70 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.4.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-8.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Software Collections for RHEL-6",
"version": {
"version_data": [
{
"version_value": "1:3.2.8-5.5.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Subscription Asset Manager 1.4",
"version": {
"version_data": [
{
"version_value": "0:1.4.3.28-1.el6sam_splice",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-1.el6sam",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-6.el6sam",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-5.el6sam",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-2.el6sam",
"version_affected": "!"
},
{
"version_value": "0:0.6.9-1.el6sam",
"version_affected": "!"
},
{
"version_value": "0:2.5.4-1.el6sam",
"version_affected": "!"
},
{
"version_value": "1:1.4.5-3.el6sam",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -108,21 +53,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0816"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-1863.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1863.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1863",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1863"
},
{
"url": "http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf",
"refsource": "MISC",
@ -133,51 +68,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67244"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0510",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0510"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0130",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0130"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1095105",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1095105"
},
{
"url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ",
"refsource": "MISC",
"name": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

53
2014/0xxx/CVE-2014-0132.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0132 389-ds: flaw in parsing authzid can lead to privilege escalation"
"value": "The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Authentication Bypass by Spoofing",
"cweId": "CWE-290"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.2.11.15-32.el6_5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -69,21 +68,6 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/57427"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0292",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0292"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0132",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0132"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1074845",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1074845"
},
{
"url": "https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a/",
"refsource": "MISC",
@ -95,30 +79,5 @@
"name": "https://fedorahosted.org/389/ticket/47739"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

664
2014/0xxx/CVE-2014-0140.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that Red Hat CloudForms exposed default routes that were reachable via HTTP(S) requests. An authenticated user could use this flaw to access potentially sensitive controllers and actions that would allow for privilege escalation."
"value": "Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to access sensitive controllers and actions via a direct HTTP or HTTPS request."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Exposed Dangerous Method or Function",
"cweId": "CWE-749"
"value": "n/a"
}
]
}
@ -32,632 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.3",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.75.13-1.el6",
"version_affected": "!"
},
{
"version_value": "0:5.3.0.15-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.12-11.el6cf",
"version_affected": "!"
},
{
"version_value": "0:B.02.16-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.9.2-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.9.7-1.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0P1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.3-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-7.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-6.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.1.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.17-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.9.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.6.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.29-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.9-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.31.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.19.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.21-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.9.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.5.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:6.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.20.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.4-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.7-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.5-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.9.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.21-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.20.2-2.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.4.5-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.13.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:10.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.8.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.17-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.12.2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.7-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.13.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.10-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.9.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.19-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.32.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.4-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.16.2-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.3-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.12-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.7.19-244.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.6-3.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -675,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1317.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1317",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1317"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0140",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0140"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

105
2014/0xxx/CVE-2014-0142.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0142 qemu: crash by possible division by zero"
"value": "QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Divide By Zero",
"cweId": "CWE-369"
"value": "n/a"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -91,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=8e53abbc20d08ae3ec30c2054e1161314ad9501d",
"refsource": "MISC",
@ -121,61 +78,11 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3044"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0420",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0420"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0421",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0421"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0434",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0434"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0435",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0435"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0142",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0142"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078201",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1078201"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

103
2014/0xxx/CVE-2014-0150.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0150",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1078846",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078846"
"url": "http://secunia.com/advisories/58191",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58191"
},
{
"name": "DSA-2910",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2910"
"url": "http://article.gmane.org/gmane.comp.emulators.qemu/266768",
"refsource": "MISC",
"name": "http://article.gmane.org/gmane.comp.emulators.qemu/266768"
},
{
"name": "USN-2182-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2182-1"
"url": "http://secunia.com/advisories/57878",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57878"
},
{
"name": "DSA-2909",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2909"
"url": "http://thread.gmane.org/gmane.comp.emulators.qemu/266713",
"refsource": "MISC",
"name": "http://thread.gmane.org/gmane.comp.emulators.qemu/266713"
},
{
"name": "57878",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57878"
"url": "http://www.debian.org/security/2014/dsa-2909",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2909"
},
{
"name": "[Qemu-devel] 20140411 Re: [PATCH for-2.0] virtio-net: fix guest-triggerable buffer overrun",
"refsource": "MLIST",
"url": "http://article.gmane.org/gmane.comp.emulators.qemu/266768"
"url": "http://www.debian.org/security/2014/dsa-2910",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2910"
},
{
"name": "[Qemu-devel] 20140411 [PATCH for-2.0] virtio-net: fix guest-triggerable buffer overrun",
"refsource": "MLIST",
"url": "http://thread.gmane.org/gmane.comp.emulators.qemu/266713"
"url": "http://www.ubuntu.com/usn/USN-2182-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2182-1"
},
{
"name": "58191",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58191"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078846",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1078846"
}
]
}

53
2014/0xxx/CVE-2014-0152.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0152 ovirt-engine-webadmin: session fixation"
"value": "Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Session Fixation",
"cweId": "CWE-384"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.4",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.4.0-21",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,50 +58,10 @@
"refsource": "MISC",
"name": "http://www.ovirt.org/Security_advisories"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0506",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0506"
},
{
"url": "http://gerrit.ovirt.org/#/c/25959/",
"refsource": "MISC",
"name": "http://gerrit.ovirt.org/#/c/25959/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0152",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0152"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081860",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1081860"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

53
2014/0xxx/CVE-2014-0162.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0162 openstack-glance: remote code execution in Glance Sheepdog backend"
"value": "The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.2-3.el6ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -69,51 +68,11 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2193-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0455",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0455"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0162",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0162"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1085163",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1085163"
},
{
"url": "https://launchpad.net/bugs/1298698",
"refsource": "MISC",
"name": "https://launchpad.net/bugs/1298698"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

85
2014/0xxx/CVE-2014-0170.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0170",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "jboss-data-cve20140170-info-disc(96192)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96192"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1284.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1284.html"
},
{
"name": "61530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61530"
"url": "http://secunia.com/advisories/61530",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61530"
},
{
"name": "1030886",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030886"
"url": "http://www.securitytracker.com/id/1030886",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030886"
},
{
"name": "https://issues.jboss.org/browse/TEIID-2911",
"refsource": "CONFIRM",
"url": "https://issues.jboss.org/browse/TEIID-2911"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96192",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96192"
},
{
"name": "RHSA-2014:1284",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1284.html"
"url": "https://issues.jboss.org/browse/TEIID-2911",
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/TEIID-2911"
}
]
}

57
2014/0xxx/CVE-2014-0180.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0180 CFME: app/controllers/application_controller.rb wait_for_task DoS"
"value": "The wait_for_task function in app/controllers/application_controller.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.4.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-8.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,50 +53,10 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0816"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0816.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0816.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0180",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0180"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087909",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1087909"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

137
2014/0xxx/CVE-2014-0182.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0182 qemu: virtio: out-of-bounds buffer write on state load with invalid config_len"
"value": "Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
"value": "n/a"
}
]
}
@ -32,75 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-60.el7_0.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-60.el7_0.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -133,75 +73,10 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0744.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0743",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0743"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0744",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0888",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0888"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0927",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0927"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1268",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1268"
},
{
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc",
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0182",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0182"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088986",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1088986"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

103
2014/0xxx/CVE-2014-0190.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0190",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugs.kde.org/show_bug.cgi?id=333404",
"refsource": "CONFIRM",
"url": "https://bugs.kde.org/show_bug.cgi?id=333404"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html"
},
{
"name": "openSUSE-SU-2015:0573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html"
},
{
"name": "FEDORA-2014-6922",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134040.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html"
},
{
"name": "USN-2626-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2626-1"
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"name": "[Announce] 20140424 Qt Security Advisory: DoS vulnerability in the GIF image handler",
"refsource": "MLIST",
"url": "http://lists.qt-project.org/pipermail/announce/2014-April/000045.html"
"url": "http://lists.qt-project.org/pipermail/announce/2014-April/000045.html",
"refsource": "MISC",
"name": "http://lists.qt-project.org/pipermail/announce/2014-April/000045.html"
},
{
"name": "FEDORA-2014-6896",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134141.html"
"url": "http://www.securityfocus.com/bid/67087",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67087"
},
{
"name": "FEDORA-2014-5695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html"
"url": "http://www.ubuntu.com/usn/USN-2626-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2626-1"
},
{
"name": "67087",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67087"
"url": "https://bugs.kde.org/show_bug.cgi?id=333404",
"refsource": "MISC",
"name": "https://bugs.kde.org/show_bug.cgi?id=333404"
}
]
}

1324
2014/0xxx/CVE-2014-0192.json
View File

File diff suppressed because it is too large Load Diff

53
2014/0xxx/CVE-2014-0200.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0200 ovirt-engine-reports: js-jboss7-ds.xml is world-readable"
"value": "The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.3",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.3.3-1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -63,46 +62,6 @@
"url": "http://www.securityfocus.com/bid/67684",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67684"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0558",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0558"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0200",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0200"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094229"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

53
2014/0xxx/CVE-2014-0202.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0202 ovirt-engine-dwh: setup script logs database password in cleartext"
"value": "The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insufficiently Protected Credentials",
"cweId": "CWE-522"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.3",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.3.3-1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,46 +57,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2014-0559.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0559.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0559",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0559"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0202",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0202"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094234",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094234"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

63
2014/0xxx/CVE-2014-0212.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0212",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "qpid-cpp",
"version": {
"version_data": [
{
"version_value": "through 2014-03-06"
}
]
}
}
]
},
"vendor_name": "qpid-cpp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "qpid-cpp",
"product": {
"product_data": [
{
"product_name": "qpid-cpp",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-03-06"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0212",
"url": "https://access.redhat.com/security/cve/cve-2014-0212",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0212"
"name": "https://access.redhat.com/security/cve/cve-2014-0212"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0212",
@ -63,9 +64,9 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0212"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0212",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0212",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0212"
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0212"
}
]
}

137
2014/0xxx/CVE-2014-0222.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process."
"value": "Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,75 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.14",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.14",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-60.el7_0.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.14",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-60.el7_0.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.14",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140821.1.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -123,26 +63,11 @@
"refsource": "MISC",
"name": "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0927",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0927"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1268",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1268"
},
{
"url": "http://www.debian.org/security/2014/dsa-3044",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3044"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1168",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1168"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html",
"refsource": "MISC",
@ -163,61 +88,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67357"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1075",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1075"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1076",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1076"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1187",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1187"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0222",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0222"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097216",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1097216"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

111
2014/0xxx/CVE-2014-0250.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0250",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:0862",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/issues/1871",
"url": "http://advisories.mageia.org/MGASA-2014-0287.html",
"refsource": "MISC",
"url": "https://github.com/FreeRDP/FreeRDP/issues/1871"
"name": "http://advisories.mageia.org/MGASA-2014-0287.html"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/pull/1874",
"refsource": "CONFIRM",
"url": "https://github.com/FreeRDP/FreeRDP/pull/1874"
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998934",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998934"
"url": "http://seclists.org/oss-sec/2014/q2/365",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q2/365"
},
{
"name": "GLSA-201412-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-18.xml"
"url": "http://security.gentoo.org/glsa/glsa-201412-18.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-18.xml"
},
{
"name": "[oss-security] 20140528 freerdp: integer overflows in memory allocations in client/X11/xf_graphics.c",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q2/365"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:171",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:171"
},
{
"name": "MDVSA-2015:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:171"
"url": "http://www.securityfocus.com/bid/67670",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67670"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0287.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0287.html"
"url": "https://github.com/FreeRDP/FreeRDP/issues/1871",
"refsource": "MISC",
"name": "https://github.com/FreeRDP/FreeRDP/issues/1871"
},
{
"name": "67670",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67670"
"url": "https://github.com/FreeRDP/FreeRDP/pull/1874",
"refsource": "MISC",
"name": "https://github.com/FreeRDP/FreeRDP/pull/1874"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998934",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998934"
}
]
}

103
2014/1xxx/CVE-2014-1690.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-1690",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2137-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2137-1"
"url": "http://www.ubuntu.com/usn/USN-2137-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2137-1"
},
{
"name": "USN-2140-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2140-1"
"url": "http://www.ubuntu.com/usn/USN-2140-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2140-1"
},
{
"name": "USN-2158-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2158-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2690d97ade05c5325cbf7c72b94b90d265659886"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748"
"url": "http://www.openwall.com/lists/oss-security/2014/01/28/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/01/28/3"
},
{
"name": "[oss-security] 20140128 Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/01/28/3"
"url": "http://www.ubuntu.com/usn/USN-2158-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2158-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886"
"url": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886"
},
{
"name": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748"
}
]
}

130
2014/1xxx/CVE-2014-1692.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-1692",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"name": "HPSBUX03188",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141576985122836&w=2"
},
{
"name": "SSRT101487",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141576985122836&w=2"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9;r2=1.10;f=h",
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"refsource": "MISC",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9;r2=1.10;f=h"
"name": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10",
"url": "http://marc.info/?l=bugtraq&m=141576985122836&w=2",
"refsource": "MISC",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10"
"name": "http://marc.info/?l=bugtraq&m=141576985122836&w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637"
"url": "http://openwall.com/lists/oss-security/2014/01/29/10",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/01/29/10"
},
{
"name": "[oss-security] 20140128 OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/01/29/2"
"url": "http://openwall.com/lists/oss-security/2014/01/29/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/01/29/2"
},
{
"name": "102611",
"refsource": "OSVDB",
"url": "http://osvdb.org/102611"
"url": "http://osvdb.org/102611",
"refsource": "MISC",
"name": "http://osvdb.org/102611"
},
{
"name": "60184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60184"
"url": "http://secunia.com/advisories/60184",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60184"
},
{
"name": "65230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65230"
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637"
},
{
"name": "[oss-security] 20140129 Re: OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/01/29/10"
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h",
"refsource": "MISC",
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h"
},
{
"name": "openssh-cve20141692-code-exec(90819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90819"
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10",
"refsource": "MISC",
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10"
},
{
"url": "http://www.securityfocus.com/bid/65230",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65230"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90819",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90819"
}
]
}

80
2014/8xxx/CVE-2014-8091.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request."
"value": "X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Unchecked Return Value",
"cweId": "CWE-252"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -121,16 +98,6 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
@ -140,41 +107,6 @@
"url": "http://www.securityfocus.com/bid/71597",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71597"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8091",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8091"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168680",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168680"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

80
2014/8xxx/CVE-2014-8093.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges."
"value": "Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,16 +93,6 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
@ -140,41 +107,6 @@
"url": "http://www.securityfocus.com/bid/71596",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71596"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8093",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8093"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168688",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168688"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

80
2014/8xxx/CVE-2014-8101.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server."
"value": "The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,16 +93,6 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
@ -135,41 +102,6 @@
"url": "http://www.securityfocus.com/bid/71605",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71605"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8101",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8101"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168713",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168713"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

64
2014/8xxx/CVE-2014-8103.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server."
"value": "X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_buffer_from_pixmap, (5) sproc_dri3_fence_from_fd, (6) sproc_dri3_fd_from_fence, (7) proc_present_query_capabilities, (8) sproc_present_query_version, (9) sproc_present_pixmap, (10) sproc_present_notify_msc, (11) sproc_present_select_input, or (12) sproc_present_query_capabilities function in the (a) DRI3 or (b) Present extension."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -80,50 +68,10 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201504-06"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8103",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8103"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168716",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168716"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

52
2014/8xxx/CVE-2014-8121.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the files back end of Name Service Switch (NSS) did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service."
"value": "DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.17-78.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -54,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2015:0327",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0327"
},
{
"url": "https://security.gentoo.org/glsa/201602-02",
"refsource": "MISC",
@ -100,44 +94,14 @@
"name": "http://www.securityfocus.com/bid/73038"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8121",
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8121"
"name": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192"
},
{
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html",
"refsource": "MISC",
"name": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

73
2014/8xxx/CVE-2014-8123.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8123",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "71386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71386"
"url": "http://www.openwall.com/lists/oss-security/2014/12/01/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/01/4"
},
{
"name": "[oss-security] 20141201 Buffer overflow in antiword 0.37",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/01/4"
"url": "http://www.openwall.com/lists/oss-security/2014/12/02/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/02/1"
},
{
"name": "[oss-security] 20141202 Re: Buffer overflow in antiword 0.37",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/02/1"
"url": "http://www.securityfocus.com/bid/71386",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71386"
}
]
}

67
2014/8xxx/CVE-2014-8131.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8131",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://security.libvirt.org/2014/0008.html",
"refsource": "CONFIRM",
"url": "http://security.libvirt.org/2014/0008.html"
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html"
},
{
"name": "openSUSE-SU-2015:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html"
"url": "http://security.libvirt.org/2014/0008.html",
"refsource": "MISC",
"name": "http://security.libvirt.org/2014/0008.html"
}
]
}

169
2014/8xxx/CVE-2014-8133.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8133",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2515-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2515-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
},
{
"name": "USN-2491-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2491-1"
"url": "http://www.debian.org/security/2015/dsa-3128",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3128"
},
{
"name": "SUSE-SU-2015:0736",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"url": "http://www.ubuntu.com/usn/USN-2491-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2491-1"
},
{
"name": "USN-2490-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2490-1"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
},
{
"name": "USN-2492-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2492-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
},
{
"name": "62801",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62801"
"url": "http://secunia.com/advisories/62801",
"refsource": "MISC",
"name": "http://secunia.com/advisories/62801"
},
{
"name": "71684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71684"
"url": "http://www.openwall.com/lists/oss-security/2014/12/15/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/15/6"
},
{
"name": "USN-2518-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2518-1"
"url": "http://www.securityfocus.com/bid/71684",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71684"
},
{
"name": "MDVSA-2015:058",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
"url": "http://www.ubuntu.com/usn/USN-2490-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2490-1"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"url": "http://www.ubuntu.com/usn/USN-2492-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2492-1"
},
{
"name": "USN-2493-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2493-1"
"url": "http://www.ubuntu.com/usn/USN-2493-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2493-1"
},
{
"name": "USN-2517-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2517-1"
"url": "http://www.ubuntu.com/usn/USN-2515-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2515-1"
},
{
"name": "DSA-3128",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3128"
"url": "http://www.ubuntu.com/usn/USN-2516-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2516-1"
},
{
"name": "USN-2516-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2516-1"
"url": "http://www.ubuntu.com/usn/USN-2517-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2517-1"
},
{
"name": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe"
"url": "http://www.ubuntu.com/usn/USN-2518-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2518-1"
},
{
"name": "RHSA-2015:1272",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
"url": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe"
},
{
"name": "[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/15/6"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797"
}
]
}

54
2014/8xxx/CVE-2014-8141.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow flaw was found in the way unzip handled Zip64 files. A specially crafted Zip archive could possibly cause unzip to crash when the archive was uncompressed."
"value": "Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "Buffer Overflow"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "Info-ZIP",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "UnZip",
"version": {
"version_data": [
{
"version_value": "0:6.0-2.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:6.0-15.ael7b",
"version_affected": "!"
"version_affected": "=",
"version_value": "6.0 and earlier"
}
]
}
@ -80,41 +68,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8141",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8141"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174856",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1174856"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

99
2014/8xxx/CVE-2014-8153.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8153",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "71961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71961"
},
{
"name": "https://bugs.launchpad.net/neutron/+bug/1398779",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/neutron/+bug/1398779"
},
{
"name": "https://bugs.launchpad.net/neutron/+bug/1399172",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/neutron/+bug/1399172"
},
{
"name": "[openstack-announce] 20150108 [OSSA 2015-001] L3 agent denial of service with radvd 2.0+ (CVE-2014-8153)",
"refsource": "MLIST",
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408",
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408"
"name": "http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.html"
},
{
"url": "http://www.securityfocus.com/bid/71961",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71961"
},
{
"url": "https://bugs.launchpad.net/neutron/+bug/1398779",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1398779"
},
{
"url": "https://bugs.launchpad.net/neutron/+bug/1399172",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1399172"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408"
}
]
}

67
2014/8xxx/CVE-2014-8163.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8163",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1187340",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187340"
"url": "https://access.redhat.com/security/cve/cve-2014-8163",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-8163"
},
{
"name": "https://access.redhat.com/security/cve/cve-2014-8163",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2014-8163"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187340",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1187340"
}
]
}

89
2014/8xxx/CVE-2014-8171.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the Linux kernel memory resource controller's (memcg) handling of OOM (out of memory) conditions could lead to deadlocks. An attacker able to continuously spawn new processes within a single memory-constrained cgroup during an OOM event could use this flaw to lock up the system."
"value": "The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Deadlock",
"cweId": "CWE-833"
"value": "n/a"
}
]
}
@ -32,42 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-504.16.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-327.rt56.204.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-327.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-327.rt56.170.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -85,26 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0864.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0864"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-0068.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-0068.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0068",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0068"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2152",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2152"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-2152.html",
"refsource": "MISC",
@ -120,46 +78,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/74293"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2411"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8171",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8171"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198109",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1198109"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

82
2014/8xxx/CVE-2014-8173.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system."
"value": "The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-229.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-229.rt56.144.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -70,21 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0290.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0290",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0290"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-0694.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0694.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0694",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0694"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html",
"refsource": "MISC",
@ -96,58 +74,14 @@
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee53664bda169f519ce3c6a22d378f0b946c8178"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8173",
"url": "https://github.com/torvalds/linux/commit/ee53664bda169f519ce3c6a22d378f0b946c8178",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8173"
"name": "https://github.com/torvalds/linux/commit/ee53664bda169f519ce3c6a22d378f0b946c8178"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198457",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1198457"
},
{
"url": "https://github.com/torvalds/linux/commit/ee53664bda169f519ce3c6a22d378f0b946c8178",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ee53664bda169f519ce3c6a22d378f0b946c8178"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
}

13
2014/8xxx/CVE-2014-8181.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8181",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7"
}
]
@ -53,9 +54,9 @@
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335817",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1335817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335817"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1335817"
}
]
}

73
2014/9xxx/CVE-2014-9483.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9483",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
},
{
"name": "[oss-security] 20150103 Re: CVE request for emacs possibly",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
},
{
"name": "emacs-cve20149483-sec-bypass(99688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
}
]
}

127
2014/9xxx/CVE-2014-9731.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9731",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
},
{
"name": "SUSE-SU-2015:1611",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
},
{
"name": "https://github.com/torvalds/linux/commit/0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228220",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228220"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14"
"url": "http://www.openwall.com/lists/oss-security/2015/06/03/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/06/03/4"
},
{
"name": "SUSE-SU-2015:1224",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
"url": "http://www.securityfocus.com/bid/75001",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/75001"
},
{
"name": "SUSE-SU-2015:1592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
"url": "https://github.com/torvalds/linux/commit/0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14"
},
{
"name": "[oss-security] 20150603 CVE request Linux kernel: udf: information leakage when reading symlink",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/03/4"
"url": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "75001",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75001"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228220",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228220"
}
]
}

91
2015/5xxx/CVE-2015-5185.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5185",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-14200",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172667.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172634.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172634.html"
},
{
"name": "FEDORA-2015-14197",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172634.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172659.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172659.html"
},
{
"name": "[oss-security] 20150820 CVE-2015-5185 sblim-sfcb: lookupProviders() null pointer dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/21/2"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172667.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172667.html"
},
{
"name": "91212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91212"
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00019.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00019.html"
},
{
"name": "openSUSE-SU-2015:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00019.html"
"url": "http://www.openwall.com/lists/oss-security/2015/08/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/21/2"
},
{
"name": "FEDORA-2015-14199",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172659.html"
"url": "http://www.securityfocus.com/bid/91212",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/91212"
}
]
}

59
2015/5xxx/CVE-2015-5189.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user."
"value": "Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization",
"cweId": "CWE-863"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.9.139-9.el6_7.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.9.137-13.el7_1.4",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -70,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1700.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1700",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5189",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5189"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252805",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1252805"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
]
}
}

59
2015/5xxx/CVE-2015-5190.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A command injection flaw was found in the pcsd web UI. An attacker able to trick a victim that was logged in to the pcsd web UI into visiting a specially crafted URL could use this flaw to execute arbitrary code with root privileges on the server hosting the web UI."
"value": "The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via \"escape characters\" in a URL."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.9.139-9.el6_7.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.9.137-13.el7_1.4",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -70,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1700.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1700",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5190",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5190"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252813",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1252813"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

68
2015/5xxx/CVE-2015-5194.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands."
"value": "The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-10.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-25.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -110,16 +98,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0780",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0780"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:2583",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:2583"
},
{
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157",
"refsource": "MISC",
@ -166,44 +144,14 @@
"name": "http://www.securityfocus.com/bid/76475"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5194",
"url": "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5194"
"name": "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254542",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1254542"
},
{
"url": "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27",
"refsource": "MISC",
"name": "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}

68
2015/5xxx/CVE-2015-5195.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command."
"value": "ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-10.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-25.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -110,16 +98,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0780",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0780"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:2583",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:2583"
},
{
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157",
"refsource": "MISC",
@ -151,44 +129,14 @@
"name": "http://www.securityfocus.com/bid/76474"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5195",
"url": "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5195"
"name": "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254544",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1254544"
},
{
"url": "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be",
"refsource": "MISC",
"name": "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}

109
2015/5xxx/CVE-2015-5199.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5199",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-14851",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167469.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170637.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170637.html"
},
{
"name": "76636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76636"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165546.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165546.html"
},
{
"name": "FEDORA-2015-3ca3f2138b",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170637.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167469.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167469.html"
},
{
"name": "FEDORA-2015-14850",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165546.html"
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00012.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00012.html"
},
{
"name": "USN-2729-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2729-1"
"url": "http://lists.x.org/archives/xorg-announce/2015-August/002630.html",
"refsource": "MISC",
"name": "http://lists.x.org/archives/xorg-announce/2015-August/002630.html"
},
{
"name": "openSUSE-SU-2015:1537",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00012.html"
"url": "http://www.debian.org/security/2015/dsa-3355",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3355"
},
{
"name": "[xorg-announce] 20150831 libvdpau 1.1.1",
"refsource": "MLIST",
"url": "http://lists.x.org/archives/xorg-announce/2015-August/002630.html"
"url": "http://www.securityfocus.com/bid/76636",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/76636"
},
{
"name": "DSA-3355",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3355"
"url": "http://www.ubuntu.com/usn/USN-2729-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2729-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1253826",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253826"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253826",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1253826"
}
]
}

71
2015/5xxx/CVE-2015-5201.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2015-5201 RHEV: vdsm spice disable-ticketing and VM suspend and restore allows auth bypass"
"value": "VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "Weak Authentication"
}
]
}
@ -32,31 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "RedHat",
"product": {
"product_data": [
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"product_name": "Enterprise Virtualization Hypervisor (aka RHEV-H)",
"version": {
"version_data": [
{
"version_value": "0:6.7-20151123.0.el6ev",
"version_affected": "!"
},
{
"version_value": "0:7.2-20151129.1.el6ev",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-7",
"version": {
"version_data": [
{
"version_value": "0:7.2-20151129.1.el7ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0"
}
]
}
@ -69,26 +53,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHEA-2015:2527",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHEA-2015:2527"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5201",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5201"
},
{
"url": "https://access.redhat.com/security/cve/cve-2015-5201",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2015-5201"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273144",
"refsource": "MISC",
@ -98,31 +67,11 @@
"url": "https://rhn.redhat.com/errata/RHEA-2015-2527.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHEA-2015-2527.html"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1253882"
}
]
}

72
2015/5xxx/CVE-2015-5219.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the sntp utility could become unresponsive due to being caught in an infinite loop when processing a crafted NTP packet."
"value": "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-10.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.2.6p5-25.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -135,26 +123,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0780",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0780"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:2583",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:2583"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5219",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5219"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf",
"refsource": "MISC",
@ -199,31 +167,11 @@
"url": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409",
"refsource": "MISC",
"name": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118"
}
]
}

79
2015/5xxx/CVE-2015-5231.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5231",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150825 CVE-2015-5228 & CVE-2015-5231 in the criu service daemon",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/25/5"
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00030.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00030.html"
},
{
"name": "openSUSE-SU-2015:1593",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00030.html"
"url": "http://www.openwall.com/lists/oss-security/2015/08/25/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/25/5"
},
{
"name": "[CRIU] 20150825 Hardening the criu service daemon",
"refsource": "MLIST",
"url": "https://lists.openvz.org/pipermail/criu/2015-August/021847.html"
"url": "https://lists.openvz.org/pipermail/criu/2015-August/021847.html",
"refsource": "MISC",
"name": "https://lists.openvz.org/pipermail/criu/2015-August/021847.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256728",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256728"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256728",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256728"
}
]
}

86
2015/5xxx/CVE-2015-5251.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in the OpenStack Image service (glance) where a tenant could manipulate the status of their images by submitting an HTTP PUT request together with an 'x-image-meta-status' header. A malicious tenant could exploit this flaw to reactivate disabled images, bypass storage quotas, and in some cases replace image contents (where they have owner access). Setups using the Image service's v1 API could allow the illegal modification of image status. Additionally, setups which also use the v2 API could allow a subsequent re-upload of image contents."
"value": "OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
"value": "n/a"
}
]
}
@ -32,49 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-3.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-3.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-3.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.1-3.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -92,56 +58,16 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1897.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1897",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1897"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5251",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5251"
},
{
"url": "https://bugs.launchpad.net/bugs/1482371",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/bugs/1482371"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263511",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1263511"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2015-019.html",
"refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2015-019.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

115
2015/5xxx/CVE-2015-5261.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5261",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1890",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1890.html"
"url": "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html",
"refsource": "MISC",
"name": "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html"
},
{
"name": "[oss-security] 20151006 Fwd: [vs-plain] CVE-2015-5261",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/10/06/4"
"url": "http://www.securitytracker.com/id/1033753",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033753"
},
{
"name": "GLSA-201606-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-05"
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261889",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261889"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1889.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1889.html"
},
{
"name": "USN-2766-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2766-1"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1890.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1890.html"
},
{
"name": "[Spice-devel] 20151006 Announcing spice 0.12.6",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html"
"url": "http://www.debian.org/security/2015/dsa-3371",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3371"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"url": "http://www.ubuntu.com/usn/USN-2766-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2766-1"
},
{
"name": "RHSA-2015:1889",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1889.html"
"url": "https://security.gentoo.org/glsa/201606-05",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201606-05"
},
{
"name": "DSA-3371",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3371"
"url": "http://www.openwall.com/lists/oss-security/2015/10/06/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/06/4"
},
{
"name": "1033753",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033753"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261889",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261889"
}
]
}

103
2015/5xxx/CVE-2015-5271.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package (OpenStack director). The staticweb middleware was incorrectly configured before the Identity Service, and under some conditions an attacker could use this flaw to gain unauthenticated access to private data."
"value": "The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
"value": "n/a"
}
]
}
@ -32,68 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform director 7.0 for RHEL 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.1.1-6.el7ost",
"version_affected": "!"
},
{
"version_value": "0:2.1.2-29.el7ost",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-6.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.0.1.dev6-3.git49b57eb.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.8.6-71.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.9.6-10.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.0.1-5.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.4.18-4.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-3.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.2.8-7.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-4.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.14-7.el7ost",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-4.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.0.10-8.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -111,50 +58,20 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1862"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5271",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5271"
},
{
"url": "https://bugs.launchpad.net/tripleo/+bug/1494896",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/tripleo/+bug/1494896"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697"
},
{
"url": "https://launchpadlibrarian.net/217268516/CVE-2015-5271_puppet-swift.patch",
"refsource": "MISC",
"name": "https://launchpadlibrarian.net/217268516/CVE-2015-5271_puppet-swift.patch"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697"
}
]
}

97
2015/5xxx/CVE-2015-5281.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5281",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "77983",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77983"
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "FEDORA-2015-2c155d7632",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172942.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172611.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172611.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1264103",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1264103"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172942.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172942.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2401.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2401.html"
},
{
"name": "RHSA-2015:2401",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2401.html"
"url": "http://www.securityfocus.com/bid/77983",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/77983"
},
{
"name": "FEDORA-2015-c3b4fef3af",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172611.html"
"url": "http://www.securitytracker.com/id/1034198",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034198"
},
{
"name": "1034198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034198"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1264103",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1264103"
}
]
}

103
2015/5xxx/CVE-2015-5301.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5301",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2"
"url": "http://www.openwall.com/lists/oss-security/2015/10/27/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/27/8"
},
{
"name": "FEDORA-2015-15290",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171076.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171052.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171052.html"
},
{
"name": "FEDORA-2015-15291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171052.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171067.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171067.html"
},
{
"name": "FEDORA-2015-15292",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171067.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171076.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171076.html"
},
{
"name": "[oss-security] 20151027 Multiple CVE info for Ipsilon",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/10/27/8"
"url": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2",
"refsource": "MISC",
"name": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2"
},
{
"name": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1"
"url": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1",
"refsource": "MISC",
"name": "https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1"
},
{
"name": "https://pagure.io/ipsilon/9dec97c3c83928d231ea10f4160523a13803e594",
"refsource": "CONFIRM",
"url": "https://pagure.io/ipsilon/9dec97c3c83928d231ea10f4160523a13803e594"
"url": "https://pagure.io/ipsilon/9dec97c3c83928d231ea10f4160523a13803e594",
"refsource": "MISC",
"name": "https://pagure.io/ipsilon/9dec97c3c83928d231ea10f4160523a13803e594"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271530",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271530"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271530",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271530"
}
]
}

205
2015/5xxx/CVE-2015-5312.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5312",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,132 +27,156 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:2550",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
"url": "http://xmlsoft.org/news.html",
"refsource": "MISC",
"name": "http://xmlsoft.org/news.html"
},
{
"name": "APPLE-SA-2016-03-21-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0106",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "https://support.apple.com/HT206167",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206167"
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"name": "https://support.apple.com/HT206168",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206168"
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "DSA-3430",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3430"
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"name": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e",
"refsource": "CONFIRM",
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "APPLE-SA-2016-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"name": "http://xmlsoft.org/news.html",
"refsource": "CONFIRM",
"url": "http://xmlsoft.org/news.html"
"url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=145382616617563&w=2"
},
{
"name": "RHSA-2016:1089",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"name": "APPLE-SA-2016-03-21-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
},
{
"name": "USN-2834-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2834-1"
"url": "http://www.debian.org/security/2015/dsa-3430",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3430"
},
{
"name": "1034243",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034243"
"url": "http://www.securityfocus.com/bid/79536",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/79536"
},
{
"name": "RHSA-2015:2549",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
"url": "http://www.securitytracker.com/id/1034243",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034243"
},
{
"name": "HPSBGN03537",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2"
"url": "http://www.ubuntu.com/usn/USN-2834-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e",
"refsource": "MISC",
"name": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"name": "GLSA-201701-37",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-37"
"url": "https://security.gentoo.org/glsa/201701-37",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201701-37"
},
{
"name": "openSUSE-SU-2015:2372",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
"url": "https://support.apple.com/HT206166",
"refsource": "MISC",
"name": "https://support.apple.com/HT206166"
},
{
"name": "APPLE-SA-2016-03-21-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
"url": "https://support.apple.com/HT206167",
"refsource": "MISC",
"name": "https://support.apple.com/HT206167"
},
{
"name": "https://support.apple.com/HT206169",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206169"
"url": "https://support.apple.com/HT206168",
"refsource": "MISC",
"name": "https://support.apple.com/HT206168"
},
{
"name": "https://support.apple.com/HT206166",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206166"
"url": "https://support.apple.com/HT206169",
"refsource": "MISC",
"name": "https://support.apple.com/HT206169"
},
{
"name": "79536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79536"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
}
]
}

75
2015/5xxx/CVE-2015-5313.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A path-traversal flaw was found in the way the libvirt daemon handled filesystem names for storage volumes. A libvirt user with privileges to create storage volumes and without privileges to create and modify domains could possibly use this flaw to escalate their privileges."
"value": "Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.0.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.1 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2.0.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.0.0-10.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -81,11 +58,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-2577.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:2577",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:2577"
},
{
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=034e47c338b13a95cf02106a3af912c1c5f818d7",
"refsource": "MISC",
@ -106,16 +78,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/90913"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5313",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5313"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277121",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1277121"
},
{
"url": "https://security.gentoo.org/glsa/201612-10",
"refsource": "MISC",
@ -127,30 +89,5 @@
"name": "https://www.redhat.com/archives/libvir-list/2015-December/msg00473.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:C/A:N",
"version": "2.0"
}
]
}
}

73
2015/6xxx/CVE-2015-6815.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-6815",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 2.4.0.1"
}
]
@ -53,69 +54,69 @@
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
},
{
"url": "http://www.ubuntu.com/usn/USN-2745-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2745-1",
"url": "http://www.ubuntu.com/usn/USN-2745-1"
"name": "http://www.ubuntu.com/usn/USN-2745-1"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/04/4",
"url": "http://www.openwall.com/lists/oss-security/2015/09/04/4"
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/09/04/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/05/5",
"url": "http://www.openwall.com/lists/oss-security/2015/09/05/5"
"name": "http://www.openwall.com/lists/oss-security/2015/09/04/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/09/05/5",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260076"
},
{
"refsource": "CONFIRM",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html"
},
{
"refsource": "CONFIRM",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html"
"name": "http://www.openwall.com/lists/oss-security/2015/09/05/5"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260076",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260076"
}
]
}

73
2015/7xxx/CVE-2015-7510.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7510",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/systemd/systemd/issues/2002",
"refsource": "CONFIRM",
"url": "https://github.com/systemd/systemd/issues/2002"
"url": "https://github.com/keszybz/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888",
"refsource": "MISC",
"name": "https://github.com/keszybz/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888"
},
{
"name": "https://github.com/keszybz/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888",
"refsource": "CONFIRM",
"url": "https://github.com/keszybz/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888"
"url": "https://github.com/systemd/systemd/issues/2002",
"refsource": "MISC",
"name": "https://github.com/systemd/systemd/issues/2002"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284642",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284642"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284642",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284642"
}
]
}

91
2015/7xxx/CVE-2015-7512.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Note that to exploit this flaw, the guest network interface must have a large MTU limit."
"value": "Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -135,62 +112,6 @@
"url": "http://www.securitytracker.com/id/1034527",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034527"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2694",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2694"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2695",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2695"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2696",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2696"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-7512",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-7512"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285061",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285061"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Jason Wang (Red Hat) and Ling Liu (Qihoo 360 Inc.)."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

169
2015/7xxx/CVE-2015-7513.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7513",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/07/2"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"name": "FEDORA-2016-26e19f042a",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html"
},
{
"name": "USN-2887-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2887-2"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8"
},
{
"name": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html"
},
{
"name": "USN-2886-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2886-1"
"url": "http://www.debian.org/security/2016/dsa-3434",
"refsource": "MISC",
"name": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "USN-2887-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2887-1"
"url": "http://www.openwall.com/lists/oss-security/2016/01/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/01/07/2"
},
{
"name": "USN-2890-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2890-3"
"url": "http://www.securityfocus.com/bid/79901",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/79901"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8"
"url": "http://www.securitytracker.com/id/1034602",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034602"
},
{
"name": "USN-2889-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2889-1"
"url": "http://www.ubuntu.com/usn/USN-2886-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2886-1"
},
{
"name": "FEDORA-2016-b59fd603be",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html"
"url": "http://www.ubuntu.com/usn/USN-2887-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2887-1"
},
{
"name": "USN-2889-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2889-2"
"url": "http://www.ubuntu.com/usn/USN-2887-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2887-2"
},
{
"name": "79901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79901"
"url": "http://www.ubuntu.com/usn/USN-2888-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2888-1"
},
{
"name": "FEDORA-2016-5d43766e33",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
"url": "http://www.ubuntu.com/usn/USN-2889-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2889-1"
},
{
"name": "USN-2890-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2890-2"
"url": "http://www.ubuntu.com/usn/USN-2889-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2889-2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847"
"url": "http://www.ubuntu.com/usn/USN-2890-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2890-1"
},
{
"name": "USN-2890-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2890-1"
"url": "http://www.ubuntu.com/usn/USN-2890-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2890-2"
},
{
"name": "DSA-3434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3434"
"url": "http://www.ubuntu.com/usn/USN-2890-3",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2890-3"
},
{
"name": "1034602",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034602"
"url": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8"
},
{
"name": "USN-2888-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2888-1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847"
}
]
}

79
2015/7xxx/CVE-2015-7514.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7514",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://review.openstack.org/#/c/253001",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/#/c/253001"
"url": "http://www.openwall.com/lists/oss-security/2015/12/03/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/12/03/4"
},
{
"name": "[oss-security] 20151203 OpenStack Ironic does not honor clean steps (CVE-2015-7514)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/03/4"
"url": "https://review.openstack.org/#/c/252993",
"refsource": "MISC",
"name": "https://review.openstack.org/#/c/252993"
},
{
"name": "https://review.openstack.org/#/c/252993",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/#/c/252993"
"url": "https://review.openstack.org/#/c/253001",
"refsource": "MISC",
"name": "https://review.openstack.org/#/c/253001"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809"
}
]
}

169
2015/7xxx/CVE-2015-7515.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7515",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2971-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2971-2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2015-7515",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2015-7515"
"url": "http://www.debian.org/security/2016/dsa-3607",
"refsource": "MISC",
"name": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "USN-2967-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2967-1"
"url": "http://www.ubuntu.com/usn/USN-2968-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2968-1"
},
{
"name": "84288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84288"
"url": "http://www.ubuntu.com/usn/USN-2968-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2968-2"
},
{
"name": "USN-2970-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2970-1"
"url": "http://www.ubuntu.com/usn/USN-2969-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2969-1"
},
{
"name": "USN-2969-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2969-1"
"url": "http://www.ubuntu.com/usn/USN-2970-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2970-1"
},
{
"name": "USN-2967-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2967-2"
"url": "http://www.ubuntu.com/usn/USN-2971-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2971-1"
},
{
"name": "USN-2968-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2968-1"
"url": "http://www.ubuntu.com/usn/USN-2971-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2971-2"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
"url": "http://www.ubuntu.com/usn/USN-2971-3",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2971-3"
},
{
"name": "USN-2971-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2971-3"
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326"
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
},
{
"name": "DSA-3607",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3607"
"url": "http://www.ubuntu.com/usn/USN-2967-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2967-1"
},
{
"name": "39544",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39544/"
"url": "http://www.ubuntu.com/usn/USN-2967-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2967-2"
},
{
"name": "USN-2971-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2971-1"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
},
{
"name": "SUSE-SU-2016:1102",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
"url": "http://www.securityfocus.com/bid/84288",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/84288"
},
{
"name": "USN-2968-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2968-2"
"url": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
},
{
"name": "SUSE-SU-2016:2074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
"url": "https://security-tracker.debian.org/tracker/CVE-2015-7515",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2015-7515"
},
{
"name": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96"
"url": "https://www.exploit-db.com/exploits/39544/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/39544/"
},
{
"name": "SUSE-SU-2016:0911",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285326"
}
]
}

85
2015/7xxx/CVE-2015-7521.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7521",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160128 CVE-2015-7521: Apache Hive authorization bug disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/28/12"
},
{
"name": "20160218 CVE-2015-7521: Apache Hive authorization bug disclosure (update)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537549/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html",
"url": "http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html"
"name": "http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E"
},
{
"name": "[hive-user] 20160128 CVE-2015-7521: Apache Hive authorization bug disclosure",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E"
"url": "http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2016/01/28/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/01/28/12"
},
{
"url": "http://www.securityfocus.com/archive/1/537549/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/537549/100/0/threaded"
}
]
}

67
2015/7xxx/CVE-2015-7561.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7561",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/kubernetes/kubernetes/pull/18909",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/pull/18909"
"url": "https://github.com/kubernetes/kubernetes/pull/18909",
"refsource": "MISC",
"name": "https://github.com/kubernetes/kubernetes/pull/18909"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1291963",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291963"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291963",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1291963"
}
]
}

100
2015/7xxx/CVE-2015-7713.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in the way OpenStack Compute (nova) networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances."
"value": "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
"value": "n/a"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-16.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-9.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-42.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.2-7.el7ost",
"version_affected": "!"
},
{
"version_value": "1:2.23.0-2.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -91,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2016:0017",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0017"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-2684.html",
"refsource": "MISC",
@ -111,21 +68,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2673"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2684",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2684"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0013",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0013"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-7713",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-7713"
},
{
"url": "https://bugs.launchpad.net/nova/+bug/1491307",
"refsource": "MISC",
@ -136,41 +78,11 @@
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1492961"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269119",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1269119"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2015-021.html",
"refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2015-021.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
]
}
}